[unisog] fw: insecure wireless LAN deployment at .edu

Ben Curran bdc1 at humboldt.edu
Fri Jan 25 20:55:33 GMT 2002


On 25 Jan 2002, at 10:47, H. Morrow Long wrote:

What type of authentication system are your POP3 accounts and passwords stored in?
Unix local passwd/shadow files?  
---Yes

NIS/NIS+? Netscape or other LDAP? NT or W2K AD domain?
---No. (Except that we DO have a special purpose LDAP) W2K AD
---is a whole different can-o-worms for us!

Yale keeps parallel Kerberos 5 and Windows 2000 AD accounts (called the Yale NetID)
in synch and are able to serve out authentication requests against the NetID/password
via a variety of authentication protocols :
---I'm hoping that there is a way for us to keep /etc/passwd and 
Kerberos 5 or Radius or TACACS :"in sync." ??

We require MAC address registration for both residential room connections as well as
roaming.  
---We also require MAC address registration, but don't enforce 
authentication. (have considered NetReg though) 

Typically most students (and this would apply
to desktop PC/Mac faculty users) are (and would be) assigned a semi-permanent (for 1 year)
"home" IP address on the subnet on which the computer would sit while at Yale most of the
time.  
---Ugh. Does this require lots of FTE hours to manage?



Network Specialist
Humboldt State University
c/o Telecommunications & Network Services
1 Harpst St. Arcata, CA 95521
Phone: (707)826-5000
FAX: (707)826-6161
Email: bdc1 at humboldt.edu
Sure I'll buy the Internet. How 'bout a trade... 
My mousepad?



More information about the unisog mailing list